package security;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.ui.webapp.AuthenticationProcessingFilter;
import org.springframework.security.util.TextUtils;

public class CustomAuthenticationProcessingFilter extends
AuthenticationProcessingFilter {


	public Authentication attemptAuthentication(HttpServletRequest request)
	throws AuthenticationException {

		String username = obtainUsername(request);
		String password = obtainPassword(request);

		UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(
				username + "$" + password, password
		);

		// Place the last username attempted into HttpSession for views
        HttpSession session = request.getSession(false);

        if (session != null || getAllowSessionCreation()) {
            request.getSession().setAttribute(SPRING_SECURITY_LAST_USERNAME_KEY, TextUtils.escapeEntities(username));
        }

		// Allow subclasses to set the "details" property
		setDetails(request, authRequest);

		Authentication aut = this.getAuthenticationManager().authenticate(authRequest);
		

		return aut;

	}


}
